LinuxQuestions.org - RPC: Authentication error; why = Client credential too weak

- Programming (https://www.linuxquestions.org/questions/programming-9/)

- - RPC: Authentication error; why = Client credential too weak (https://www.linuxquestions.org/questions/programming-9/rpc-authentication-error%3B-why-%3D-client-credential-too-weak-4175454731/)

harig

03-19-2013 01:25 PM

RPC: Authentication error; why = Client credential too weak

OS: RHEL 6.2 , 2.6.32-220.el6.i686

I created a service using RPC and is compiled using rpcgen and gcc.

When I try to run the service I get the following Error :

Cannot register service: RPC: Authentication error; why = Client credential too weak

I restarted rpcbind with argument -i. Now able to register the RPC process.

man page shows that -i meaning insecure mode. Do I need to rewrite the program to have secure registration? If so any example please.

what causes insecure mode?

linosaurusroot

03-20-2013 07:09 AM

RPC has various security options ranging from None (Unix) through DES to possibly stronger recent versions I've not investigated. I'm afraid I last did RPC programming before the US allowed the relevant libraries to be exported so I didn't use those security features but added my own.

sundialsvcs

03-20-2013 09:32 AM

... and you definitely want to run your RPC service with some level of cryptographic security and client-authentication. Even if you do not actually care if the data being passed is unintelligible (e.g. it's internal-only or passing through a VPN tunnel already), you do want other things like message-integrity and provenance. Take the time to really study these features closely.

An overly-trusting RPC service is a "Bobby Tables problem" at worst, but a source of unacceptable lack-of troubleshooting at best.

All times are GMT -5. The time now is 05:51 PM.